<%@taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql"%>
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>

<sql:query var="users" dataSource="jdbc/lut2">
    SELECT * FROM admin_users
    WHERE  uname = ?
    AND pw = ?
    <sql:param value="${param.username}" />
    <sql:param value="${param.password}" />
</sql:query>

<sql:query var="common_users" dataSource="jdbc/lut2">
    SELECT * FROM users
    WHERE uname = ?
    AND pw = ?
    <sql:param value="${param.username}" />
    <sql:param value="${param.password}" />
</sql:query>

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="stylesheet" type="text/css" href="lutstyle.css">
        <title>LUT Admin pages</title>
    </head>
    <body>
    
    <script>
//        db_count = "${users.getRowCount()}";
//    
//		if(db_count == 0){
//			alert("Login failed");
//		}else if(db_count == 1){
//			alert("Login succeeded")
//		}else{
//			
//		}
    </script>
    
    	 <c:choose>
            <c:when test="${users.getRowCount() == 0}">
            	<c:choose>
            		<c:when test="${common_users.getRowCount() == 0}">
                	Login failed <br>
                	<a href="login.jsp">&larr; Try again</a>
                </c:when>
                <c:otherwise>
                <% String name = request.getParameter( "username" );
   session.setAttribute( "session_name", name );
   session.setAttribute("is_admin", Boolean.valueOf(false));
   session.setMaxInactiveInterval(60);
%>
            
                <h1>Login suceeded</h1> 
                Welcome ${param.username}.<br> 
                Unfortunately, there is no admin functionality here. <br>
                You need to figure out how to tamper with the application some other way.
                <a href="index.jsp">continue</a>
                
            <%   	
				String destination ="index.jsp";
				response.sendRedirect(response.encodeRedirectURL(destination));
			%>
                </c:otherwise>
            	</c:choose>
            </c:when>
            <c:otherwise>
            
            <% String name = request.getParameter( "username" );
   session.setAttribute( "session_name", name );
      session.setAttribute("is_admin", Boolean.valueOf(true));
   session.setMaxInactiveInterval(60);
%>
            
                <h1>Login suceeded</h1> 
                Welcome ${param.username}.<br> 
                Unfortunately, there is no admin functionality here. <br>
                You need to figure out how to tamper with the application some other way.
                <a href="index.jsp">continue</a>
                
            <%   	
				String destination ="index.jsp";
				response.sendRedirect(response.encodeRedirectURL(destination));
			%>
                
            </c:otherwise>
        </c:choose>

    </body>
    </html>